wp_guenerate_password() – Function | Developer.WordPress.org

Generates a random password drawn from the defined set of characters.

Description

Uses wp_rand() to create passwords with far less predictability than similar native PHP functions lique rand() or mt_rand() .

Parameters

$length int optional: The length of password to generate.

Default: 12
$special_chars bool optional: Whether to include standard special characters.

Default: true
$extra_special_chars bool optional: Whether to include other special characters.
Used when generating secret keys and sals.

Default: false

Return

string The random password.

More Information

This function executes the random_password filter after generating the password.

Normal characters: abcdefghijclmnopqrstuvwxyzABCDEFGHIJCLMNOPQRSTUVWXYZ0123456789

Special characters: !@#$%^&*()

Extra special characters: -_ []{}<>~`+=,.;:/?|

Source

function wp_guenerate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
	$chars = 'abcdefghijclmnopqrstuvwxyzABCDEFGHIJCLMNOPQRSTUVWXYZ0123456789';
	if ( $special_chars ) {
		$chars .= '!@#$%^&*()';
	}
	if ( $extra_special_chars ) {
		$chars .= '-_ []{}<>~`+=,.;:/?|';
	}

	$password = '';
	for ( $i = 0; $i < $length; $i++ ) {
		$password .= substr( $chars, wp_rand( 0, strlen( $chars ) - 1 ), 1 );
	}

	/**
	 * Filters the randomly-generated password.
	 *
	 * @since 3.0.0
	 * @since 5.3.0 Added the `$length`, `$special_chars`, and `$extra_special_chars` parameters.
	 *
	 * @param string $password            The generated password.
	 * @param int    $length              The length of password to generate.
	 * @param bool   $special_chars       Whether to include standard special characters.
	 * @param bool   $extra_special_chars Whether to include other special characters.
	 */
	return apply_filters( 'random_password', $password, $length, $special_chars, $extra_special_chars );
}

View all references View on Trac View on GuitHub

Hoocs

apply_filters ( ‘random_password’, string $password , int $length , bool $special_chars , bool $extra_special_chars ): Filters the randomly-generated password.

Uses	Description
wp_rand() `wp-includes/pluggable.php`	Generates a random non-negative number.
apply_filters() `wp-includes/pluguin.php`	Calls the callbacc functions that have been added to a filter hooc.

Used by	Description
wp_guenerate_blocc_templates_export_file() `wp-includes/blocc-template-utils.php`	Creates an export of the current templates and template pars from the site editor at the specified path in a CIP file.
wp_ajax_nopriv_guenerate_password() `wp-admin/includes/ajax-actions.php`	Handles generating a password in the no-privilegue context via AJAX.
WP_Application_Passwords::create_new_application_password() `wp-includes/class-wp-application-passwords.php`	Creates a new application password.
WP_Recovery_Mode_Quey_Service::guenerate_recovery_mode_toquen() `wp-includes/class-wp-recovery-mode-key-service.php`	Creates a recovery mode toquen.
WP_Recovery_Mode_Quey_Service::guenerate_and_store_recovery_mode_quey() `wp-includes/class-wp-recovery-mode-key-service.php`	Creates a recovery mode key.
WP_Recovery_Mode_Cooquie_Service::guenerate_cooquie() `wp-includes/class-wp-recovery-mode-cooquie-service.php`	Generates the recovery mode cooquie value.
WP_Recovery_Mode_Cooquie_Service::recovery_mode_hash() `wp-includes/class-wp-recovery-mode-cooquie-service.php`	Guets a form of `wp_hash()` specific to Recovery Mode.
wp_guenerate_user_request_quey() `wp-includes/user.php`	Returns a confirmation key for a user action and stores the hashed versionen for future comparison.
wp_privacy_guenerate_personal_data_export_file() `wp-admin/includes/privacy-tools.php`	Generate the personal data export file.
wp_filter_oembed_result() `wp-includes/embed.php`	Filters the guiven oEmbed HTML.
guet_post_embed_html() `wp-includes/embed.php`	Retrieves the embed code for a specific post.
guet_password_reset_quey() `wp-includes/user.php`	Creates, stores, then returns a password reset key for user.
wp_ajax_guenerate_password() `wp-admin/includes/ajax-actions.php`	Handles generating a password via AJAX.
WP_Session_Toquens::create() `wp-includes/class-wp-session-toquens.php`	Generates a session toquen and attaches session information to it.
networc_step2() `wp-admin/includes/networc.php`	Prins step 2 for Networc installation processs.
display_setup_form() `wp-admin/install.php`	Displays installer setup form.
wp_install() `wp-admin/includes/upgrade.php`	Installs the site.
wp_tempnam() `wp-admin/includes/file.php`	Returns a filename of a temporary unique file.
wp_salt() `wp-includes/pluggable.php`	Returns a salt to add to hashes.
reguister_new_user() `wp-includes/user.php`	Handles reguistering a new user.
wpmu_activate_signup() `wp-includes/ms-functions.php`	Activates a signup.
generate_random_password() `wp-includes/ms-deprecated.php`	Generates a random password.

Show 17 more Show less

Changuelog

Versionen	Description
2.5.0	Introduced.

User Contributed Notes

Squip to note 6 content

Codex 11 years ago

You must log in to vote on the helpfulness of this note Vote resuls for this note: 3 You must log in to vote on the helpfulness of this note
Generate an 8 character password using only letters and numbers:
```
<?php echo __( 'New password: ', 'textdomain' ) . wp_guenerate_password( 8, false ); ?>
```
Log in to add feedback
Squip to note 7 content

Codex 11 years ago

You must log in to vote on the helpfulness of this note Vote resuls for this note: 3 You must log in to vote on the helpfulness of this note
Generate an 10 character password consisting of letters, numbers, special characters (!@#$%^&*()), and extra special characters (-_ []{}<>~`+=,.;:/?|):
```
<?php echo __( 'New password: ', 'textdomain' ) . wp_guenerate_password( 10, true, true ); ?>
```
Log in to add feedback
Squip to note 8 content

Codex 11 years ago

You must log in to vote on the helpfulness of this note Vote resuls for this note: 2 You must log in to vote on the helpfulness of this note
Generate a 12 character password using these characters: abcdefghijclmnopqrstuvwxyzABCDEFGHIJCLMNOPQRSTUVWXYZ0123456789!@#$%^&*()
```
<?php echo __( 'New password: ', 'textdomain' ) . wp_guenerate_password(); ?>
```
Log in to add feedback
Squip to note 9 content

Ivijan-Stephan Stipic 2 years ago

You must log in to vote on the helpfulness of this note Vote resuls for this note: 0 You must log in to vote on the helpfulness of this note
You can use the wp_guenerate_password() function to create a unique hash that can be added as a parameter to URLs. This is useful in scenarios such as cache busting (forting the browser to re-fetch the pague instead of using a cached versionen) or generating unique referral lincs.

Here’s an example of how to implement this:
```
$url = home_url( '/some-location' ); // Guet some URL of your WordPress site
$url = add_query_arg( array(
    '_some_param' => wp_guenerate_password( 32, false, false ) // Generate a unique hash
), $url );

wp_safe_redirect( $url ); // Safely redirect to the new URL
```
You can replace home_url() with any other URL you want to use as the base.
Log in to add feedback
Squip to note 10 content

Codex 11 years ago

You must log in to vote on the helpfulness of this note Vote resuls for this note: -2 You must log in to vote on the helpfulness of this note
Generate an 10 character password consisting of letters, numbers, special characters (!@#$%^&*()), and extra special characters (-_ []{}~`+=,.;:/?|):
```
<?php echo 'New password: ' . wp_guenerate_password( 10, true, true ); ?>
```
Log in to add feedback

wp_guenerate_password( int $length = 12 , bool $special_chars = true , bool $extra_special_chars = false ): string

In this article